@ARTICLE{caja,
	author={M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay.},
	title={Caja: Safe active content in sanitized javascript. http://google-caja.googlecode.com/files/caja-spec-2008-01-15.pdf},
	year = {2008},
	month = {jan}
},
@ARTICLE{cajalimit,
	title={What are Caja's Limitations? http://developer.yahoo.com/yap/guide/what-are-cajas-limitations.htm},
	author={YAHOO! developer network}
},
@ARTICLE{fbjs,
         title={Facebook JavaScript https://developers.facebook.com/docs/fbjs/}
},
@ARTICLE{adsafety,
	author={Joe Gibbs, Politz Spiridon, Aristides Eliopoulos, Arjun Guha, Shriram Krishnamurthi},
	title={ADsafety, Type-Based Verification of JavaScript Sandboxing}
},
@ARTICLE{webjail,
	author={S. Van Acker, P. De Ryck, L. Desmet, F. Piessens, W. Joosen},
	title={WebJail: Least-privilege Integration of Third-party Components in Web Mashups},
	URL={https://lirias.kuleuven.be/bitstream/123456789/316291/3/webjail-camera-ready.pdf}
 },
@ARTICLE{conscript,
	author={Leo A. Meyerovich, Benjamin Livshits},
	title={CONSCRIPT: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser http://research.microsoft.com/pubs/120969/paper.pdf},
	URL={http://research.microsoft.com/pubs/120969/paper.pdf}
},
@ARTICLE{ecma,
	title={Sandard ECMA-262 version 5.1
		ECMAScript Language Specification
		http://www.ecma-international.org/publications/standards/Ecma-262.htm},
	month={June},
	year = {2011},
	URL={http://www.ecma-international.org/publications/standards/Ecma-262.htm}
},
@ARTICLE{ecmatest,
	title={ecma-262 testsuite: http://test262.ecmascript.org},
	URL={http://test262.ecmascript.org}
 }, 
@ARTICLE{gatekeeper,
	author={Salvatore Guarnieri, Benjamin Livshits},
	title={GATEKEEPER: Mostly Static Enforcement of Security and
Reliability Policies for JavaScript Code},
	URL={http://css.csail.mit.edu/6.858/2011/readings/gatekeeper.pdf}
},
@ARTICLE{html5,
         title={W3C Standards and drafts - Javascript APIs. http://www.w3.org/TR/\#tr\_Javascript\_APIs},
         URL={http://www.w3.org/TR/\#tr\_Javascript\_APIs}
},
@MANUAL{intohtmlv,
	title={Introduction to HTML5. https://developer.mozilla.org/en/HTML/HTML5},
	URL={https://developer.mozilla.org/en/HTML/HTML5}
},
@ARTICLE{XSScheatsheet,
	title={XSS Cheat Sheet. http://ha.ckers.org/xss.html},
	URL={http://ha.ckers.org/xss.html}
},
@ARTICLE{cajasafe,
	author={S. Maffeis, J. C. Mitchell, and A. Taly.},
	title={Object capabilities and isolation of untrusted web applications.},
	year={2010},
	URL={http://www.doc.ic.ac.uk/~maffeis/oakland10.pdf}
},
@ARTICLE{adjail,
         author={Mike Ter Louw, Karthik Thotta Ganesh, V.N. Venkatakrishnan},
         title={AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements
         http://www.usenix.org/event/sec10/tech/full\_papers/TerLouw.pdf},
         URL={www.usenix.org/event/sec10/tech/full\_papers/TerLouw.pdf}
},
@ARTICLE{adsentry,
	 author={Xinshu Dong, Minh Tran, Zhenkai Liang , Xuxian Jiang},
         title={AdSentry: Comprehensive and Flexible Confinement of JavaScript-based Advertisements
         http://www4.ncsu.edu/~mqtran/pubs/ACSAC11\_ADSENTRY.pdf},
         URL={http://www4.ncsu.edu/~mqtran/pubs/ACSAC11\_ADSENTRY.pdf}
},
@ARTICLE{selfprotectjs,
	author={Phu H. Phung, David Sands, and Andrey Chudnov},
	title={Lightweight Self-Protecting JavaScript}
	URL={http://www.cse.chalmers.se/~dave/papers/ASIACCS09.pdf}
},
@ARTICLE{selfprotectjsIssues,
	author={Jonas Magazinius, Phu H. Phung, and David Sands},
	title={Safe Wrappers and Sane Policies for Self Protecting JavaScript},
	URL={http://www.cse.chalmers.se/~phung/publications/AppSec10.pdf}
},
@ARTICLE{cajaattacks,
	title={Google Caja Attack vectors - http://code.google.com/p/google-caja/w/list?q=label:Attack-Vector},
	URL={http://code.google.com/p/google-caja/w/list?q=label:Attack-Vector}
},
@ARTICLE{spidermonkey,
	title={SpiderMonkey, Mozilla's JavaScript engine written in C/C++ - https://developer.mozilla.org/en-US/docs/SpiderMonkey},
	URL={https://developer.mozilla.org/en-US/docs/SpiderMonkey}
}	